Master's Thesis

Cybersecurity Test Automation: Experiences with Robot Framework and OWASP ZAP Technologies

Diogo Filipe Afonso Fernandes, 2022

Key information

Authors:

Diogo Filipe Afonso Fernandes

Supervisors:

Alberto Manuel Rodrigues da Silva; Ana Cristina Ramada Paiva

Published in

11/16/2022

Abstract

Web applications have grown massively over the last decades, increasing the risk and the exposure of sensitive data to attacks that are also evolving and becoming more sophisticated. Web applications should be tested repeatedly to give their stakeholders confidence about their security exposure. However, to achieve better coverage of applications, it is important to include a process that allows implementations to be reviewed from the early phases through to deployment. The ITLingo initiative, with the RSL language, helps with the specification of requirements and tests and already integrates with Robot Framework, an RPA tool that produces reusable and reproducible test scripts, enabling test automation. The present work aims to explore the contribution of Robot Framework combined with OWASP ZAP, an open-source web vulnerability scanner. Using both technologies together, we can achieve an automated web vulnerability scanning approach that is reusable and helps organizations have an end-to-end solution to test their web applications against common vulnerabilities.

Publication details

Fields of Science and Technology (FOS)

electrical-engineering-electronic-engineering-information-engineering - Electrical engineering, electronic engineering, information engineering

Publication language (ISO code)

eng - English

Rights type:

Embargo lifted

Date available:

10/16/2023

Institution name

Instituto Superior Técnico